Federal regulators proposed Tuesday to impose more than $12 million in fines on 600 telecoms that failed to file paperwork in 2008 explaining how they protect their customers' private information.
At issue are annual reports that phone companies, internet telephony concerns, and calling-card companies need to file explaining how they protect individuals' phone records, cellphone location data and personal information from data brokers and over-the-line private investigators.
The Federal Communications Commission tightened the privacy requirements and expanded the number of companies covered in 2007, but many companies seem to have failed to get the memo or take it seriously.
That's why the agency is proposing such widespread and newsworthy fines, according to acting agency head Michael Copps.
"The broad nature of this enforcement action hopefully will ensure substantial compliance with our CPNI (customer proprietary network information) rules going forward as the
Commission continues to make consumer privacy protection a top priority," Copps said in a statement.
The FCC is also proposing fines of $10,000 on companies that filed the required report by March 1, 2008, but didn't provide enough information to the agency.
Longtime phone privacy advocate Chris Hoofnagle, who heads the
Information Privacy Programs at University of California at Berkeley's Law and Policy Center, thinks the FCC is laying the groundwork for actually doing something about rogue data selling and pre-texting.
"The agency will start its enforcement actions by ensuring that all carriers are filing a security plan, and then will move on to evaluating the substance of the security plans," Hoofnagle said, via email.
Companies have until Sunday to file their reports for the 2008
calendar year. The reports have to say how the telecoms prevent people from pretexting, the practice of getting information on a person by calling up a company and pretending to be that person.
The companies also must disclose how often customers complain that CPNI data has been leaked by the company and what actions, if any, the companies have taken against data brokers.
Pretexting was made infamous by HP, when private investigators hired to investigate media leaks got the phone records of journalists and board members.
The National Cable and Telecommunications Association opposes the stricter limits on sharing and selling customers' phone records.
But on February 13, a federal appeals court rejected
(.pdf) the industry's attempt to continue sharing your phone records with outside companies in order to craft marketing pitches to you.
See Also:
